:: WELCOME TO MY BLOG, PLEASE COMMENT ::

Wednesday, May 27, 2020

Booting an OVA on PROXMOX

Copying the OVA over to the Proxmox Server
You can use any method you prefer to get the OVA over to the Proxmox server. I have a portable USB drive that I use on my home server.  I download most of my ISO, OVA, and VMDK images onto the drive and then simply plug it back in.  That is just convenient and what works for ME. You can do whatever YOU like. If you are copying from a Windows host WinSCP is a secure and easy route to go. A view of the console is presented in Figure 1.
WinSCP can be downloaded here:
- C: Windows Name Windows. old 
Windows 
users 
user Manual 
TRiLOG 
temp 
Sqlite 
Recovery 
Python23 
Program Files (x86) 
Drcpeqies 
New. 
Size Type 
File folder 
File folder 
File folder 
File folder 
File folder 
File folder 
File folder 
File folder 
File folder 
File folder 
File folder 
Changed 
10/25/2018 2:4045 PM 
2/20/2019 PM 
10/19/2018 
10/19/2018 347:30 PM 
11/20/2018 PM 
2/20/2019 10:25:13 PM 
1/19/2019 PM 
10/19/2018 PM 
1/20/2019 64702 PM 
2/4/2019 8-4802 PM 
2/23/2019 PM 
Dcwn'oad • 
la te/iso/ 
Name 
System Volume Inform.. 
cache 
BlueScope Real 
SRECYCLE.81N 
enisa-main3.ova 
Size 
$984, 370m 
4, 2 19,264m 
4.1 a560m 
Properties 
New. 
Changed 
11/16/2018 PM 
5/7/2017 PM 
5/3/2017 PM 
11/19/2018 10:31:12 AM 
11/19/2018 AM 
5/3/2017 3:30:46 PM 
4/17/2018 105816 PM 
2/20/2019 214.07 PM 
5/3/2017 PM 
2/26/2019 AM 
5/3/2017 PM 
Rights 
rwxrwxrwx 
rwxrwxrwx 
noxrwxrv.'x 
rwxrwxrwx 
rwxrwxrwx 
root 
ant 
root 
root 
root 
ant 
root
Figure 1. Win SCP view of Windows Host and Proxmox Server
My goal was to get the “enisa-main3.ova” seen in Figure 1. to run on my PROXMOX 5 2-10 server. I imported the OVA to the “/var/lib/vz/template/iso/” directory via WinSCP.  That is the directory where all of my ISO images are contained.  The ISO folder is mounted to disk from a USB hard drive.
I ran the command tar with options:
  • x – extract an archive file.
  • v – show the progress of the archive file.
  • f – filename of the archive file
Machine generated alternative text:VNC Command Terminal - naVNC - Google Chrome A Not secure 11:8006/?console=shell&novnc 
=1&vmid=0&vmna... 
_prof ess iona . iso 
_prof ess iona l_lJith_sp1_xB6_dvd_u_6770S6. iso 
_ iso 
en_lJindows_server_2012_r2_x64_dvd_2707B46. iso 
Fedora-server-dud-x86_64-2S-1.3. iso 
Fedora-Norkstat ion-Live-xB6_64-2S-1.3. iso 
ISO 
li-linux-201B.3a-amd64. iso 
li-linux-201B.4-amd64. iso 
nuxmint-1B.3-mate-64bit . iso 
pfsense-CE-2.a.2-RELEASE-amd64. iso 
pfsense-CE-2.a.4-RELEASE-amd64. iso.gz 
$RECYCLE . BIN 
rhel-server-7.2-xB6_64-dvd. iso 
System Volume Information 
ubuntu-16.04. a-server-amd64. iso 
ubuntu-16.04.4-desktop-amd64. iso 
ubuntu-16. 10-desktop-amd64. iso 
virtio-lJin-0.1.141.iso 
Nina. iso 
tar 
enisa-main3.ovf 
enisa-maina-diskl.vmdk 
-xvf enisa-main3.ova
Figure 2. tar command to extract the vmdk file
The output was two files – one an OVF file which contains the settings and configuration of the virtual machine and one file which was the virtual machine disk (VMDK) which are the disk images of the virtual machine.
Although you can run a VMDK file in Proxmox, it’s recommended to use qcow2 which is the default file format for Proxmox virtual machines. Run the VMDK file through the converter – note this can take a while with large files.
In the Proxmox web GUI, click on Create VM and create a VM which meets the requirements of the image you converted. Make sure that you select qcow2 for the disk format. After clicking Finish an empty VM will be created – in this example, I used local storage and VMID 801.
Or, copy vmdk over it in raw format:
VNC Ccmrnend Terminal - ncVNC - Google Chrome A Not secure I kali- linux-2018.q-alfdS4. iso 
linuxmint-1B.3-raate-64bit . iso 
pfsense-CE-2.3.2-RELEASE-amd64.iso 
pfsense-CE-2.3.4-RELEASE-amd64.iso.gz 
. BIN/ 
el -server-7.2-xB6_6q -dud . iso 
stem Volume Information/ 
of qemu-irne info 
ens in3-d 
m- img; Could not open vrndk • : Could not open •ensia-mein3-disk1.vnxIk'• r 
o such file or directory 
gerrw-irag convert -p -0 raw en 
enisa-maina•diskl.vrrdk 
enisa-main3.oua 
enisa-main3.ovf 
It i p le_ed i t Lons_vers ion_1607 _updat ed_ju 1_2016 iso 
It i p le_edi t Lons _vers ion_1607 _updated_Ju 1 _2øL6 iso 
ess iso 
ess _x86 77056. iso 
_dud_27Ø7946. iso 
roottproyujx: gemu-img convert 
/ ve'vm-801-disk-0 
p -o raw enisa-rnains-diskl.vmdk /dex.
Figure 3. Conversion of the vmdk over to raw vm-801-disk-0
Start your Image up in the Proxmox Web GUI and, Booms! That’s it
QEVU (ENSIA) - noVNC - Google Chrome A Not secure I en_us O e) 
Log In
Figure 4. VM up and running…. Need another cup of coffee

Thursday, May 21, 2020

INSTALL IPTV

JALANKAN PERINTAH INI

sudo apt-get update && sudo apt-get upgrade -y sudo apt-get install libxslt1-dev libcurl3 libgeoip-dev python -y wget https://xtream-ui.com/install/install.py sudo python install.py

Apabila muncul MAIN dan LB : MAIN remove database : Y


Tuesday, October 22, 2019

Cara memasukkan aplikasi ke ubuntu

3. Download Wordpress

Jalankan perintah dibawah ini untuk download wordpress
# wget https://wordpress.org/latest.tar.gz
Extrak File wordpress
# tar -zxvf latest.tar.gz
disini saya me rename dari wordpress menjadi website2
# mv wordpress website2
pindahkan forler website2 ke direktori /var/www/html/
# mv website2 /var/www/html/
ubah hak akses pada direktori website2
# chown -R www-data:www-data /var/www/html/website2/
# chmod -R 755 /var/www/html/website2/

4. Configurasi Virtual Host

buat file website2.conf untuk membuat Virtualhost.
# nano /etc/apache2/sites-available/website2.conf
Masukan parameter dibawah ini
<VirtualHost *:80>
        ServerName websiteku.com
        ServerALias www.websiteku.com
        ServerAdmin webmaster@websiteku.com
        DocumentRoot /var/www/html/website2
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Aktifkan Virtualhost
# a2ensite website2.conf
Restart Apache2
# systemctl reload apache2

The Perfect Server - Ubuntu 14.04 (Apache2, PHP, MySQL, PureFTPD, BIND, Dovecot, ISPConfig 3) - Page 5

16. Install PureFTPd And Quota

PureFTPd and quota can be installed with the following command:
apt-get install pure-ftpd-common pure-ftpd-mysql quota quotatool
Edit the file /etc/default/pure-ftpd-common...
vi /etc/default/pure-ftpd-common
... and make sure that the start mode is set to standalone and set VIRTUALCHROOT=true:
[...]
STANDALONE_OR_INETD=standalone
[...]
VIRTUALCHROOT=true
[...]
Now we configure PureFTPd to allow FTP and TLS sessions. FTP is a very insecure protocol because all passwords and all data are transferred in clear text. By using TLS, the whole communication can be encrypted, thus making FTP much more secure.
If you want to allow FTP and TLS sessions, run
echo 1 > /etc/pure-ftpd/conf/TLS
In order to use TLS, we must create an SSL certificate. I create it in /etc/ssl/private/, therefore I create that directory first:
mkdir -p /etc/ssl/private/
Afterwards, we can generate the SSL certificate as follows:
openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem
Country Name (2 letter code) [AU]: <-- Enter your Country Name (e.g., "DE").
State or Province Name (full name) [Some-State]:
<-- Enter your State or Province Name.
Locality Name (eg, city) []:
<-- Enter your City.
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
<-- Enter your Organization Name (e.g., the name of your company).
Organizational Unit Name (eg, section) []:
<-- Enter your Organizational Unit Name (e.g. "IT Department").
Common Name (eg, YOUR name) []:
<-- Enter the Fully Qualified Domain Name of the system (e.g. "server1.example.com").
Email Address []:
<-- Enter your Email Address.
Change the permissions of the SSL certificate:
chmod 600 /etc/ssl/private/pure-ftpd.pem
Then restart PureFTPd:
service pure-ftpd-mysql restart
Edit /etc/fstab. Mine looks like this (I added ,usrjquota=quota.user,grpjquota=quota.group,jqfmt=vfsv0 to the partition with the mount point /):
vi /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
/dev/mapper/server1--vg-root /               ext4    errors=remount-ro,usrjquota=quota.user,grpjquota=quota.group,jqfmt=vfsv0 0       1
# /boot was on /dev/sda1 during installation
UUID=9b8299f1-b2a2-4231-9ba1-4540fad76b0f /boot           ext2    defaults        0       2
/dev/mapper/server1--vg-swap_1 none            swap    sw              0       0
To enable quota, run these commands:
mount -o remount /
quotacheck -avugm 
quotaon -avug

17. Install BIND DNS Server

BIND can be installed as follows:
apt-get install bind9 dnsutils

18. Install Vlogger, Webalizer, And AWstats

Vlogger, webalizer, and AWstats can be installed as follows:
apt-get install vlogger webalizer awstats geoip-database libclass-dbi-mysql-perl
Open /etc/cron.d/awstats afterwards...
vi /etc/cron.d/awstats
... and comment out everything in that file:
#MAILTO=root

#*/10 * * * * www-data [ -x /usr/share/awstats/tools/update.sh ] && /usr/share/awstats/tools/update.sh

# Generate static reports:
#10 03 * * * www-data [ -x /usr/share/awstats/tools/buildstatic.sh ] && /usr/share/awstats/tools/buildstatic.sh

19. Install Jailkit

Jailkit is needed only if you want to chroot SSH users. It can be installed as follows (important: Jailkit must be installed before ISPConfig - it cannot be installed afterwards!):
apt-get install build-essential autoconf automake1.9 libtool flex bison debhelper binutils-gold
cd /tmp 
wget http://olivier.sessink.nl/jailkit/jailkit-2.17.tar.gz 
tar xvfz jailkit-2.17.tar.gz 
cd jailkit-2.17 
./debian/rules binary
You can now install the Jailkit .deb package as follows:
cd .. 
dpkg -i jailkit_2.17-1_*.deb 
rm -rf jailkit-2.17*

20. Install fail2ban

This is optional but recommended, because the ISPConfig monitor tries to show the log:
apt-get install fail2ban
To make fail2ban monitor PureFTPd and Dovecot, create the file /etc/fail2ban/jail.local:
vi /etc/fail2ban/jail.local
[pureftpd]
enabled  = true
port     = ftp
filter   = pureftpd
logpath  = /var/log/syslog
maxretry = 3

[dovecot-pop3imap]
enabled = true
filter = dovecot-pop3imap
action = iptables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,imap,imaps", protocol=tcp]
logpath = /var/log/mail.log
maxretry = 5

[postfix-sasl]
enabled  = true
port     = smtp
filter   = postfix-sasl
logpath  = /var/log/mail.log
maxretry = 3
Then create the following two filter files:
vi /etc/fail2ban/filter.d/pureftpd.conf
[Definition]
failregex = .*pure-ftpd: \(.*@<HOST>\) \[WARNING\] Authentication failed for user.*
ignoreregex =
vi /etc/fail2ban/filter.d/dovecot-pop3imap.conf
[Definition]
failregex = (?: pop3-login|imap-login): .*(?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed|Aborted login \(\d+ authentication attempts).*rip=(?P<host>\S*),.*
ignoreregex =
Add the missing ignoreregex line in the postfix-sasl file:
echo "ignoreregex =" >> /etc/fail2ban/filter.d/postfix-sasl.conf
Restart fail2ban afterwards:
service fail2ban restart

BRYAN. Powered by Blogger.

DAFTAR ISIAN

Share

Twitter Delicious Facebook Digg Stumbleupon Favorites More